General

  • Target

    2b43e25a7dccb9cc67de6756e29b86b0_NEIKI

  • Size

    257KB

  • Sample

    240507-zhay8aeg81

  • MD5

    2b43e25a7dccb9cc67de6756e29b86b0

  • SHA1

    66b3a1f81e2affd7fed7b686739c34a095d48ec7

  • SHA256

    1268bf4ecb4df18a18e265cf7498ec0c0e3f30c580abed8d233e30ab0eb59a12

  • SHA512

    781562d9bfdfc8cf956ac26ce18c74e7803f7d2fdbbd856711a8d1291ef54dc039ddd1004aa907742d0a2c263b47c24b3ad754e97b770d2b21e18caf01001c16

  • SSDEEP

    3072:PGo0bYZpn0YkotIzlKSZ37RpMmVN0T1RhIVh3ztvHFzpfO6GUix5iwJ:abYZpxORKArRW8ofhs1BF891Ww

Targets

    • Target

      2b43e25a7dccb9cc67de6756e29b86b0_NEIKI

    • Detects Healer, an antivirus disabler dropper

    • Healer

      Healer, an antivirus disabler dropper.

    • Modifies Windows Defender Real-time Protection settings

    • Windows security modification
